US8805882B2ActiveUtilityA1
Programmatically enabling user access to CRM secured field instances based on secured field instance settings
Est. expiryJan 20, 2031(~4.5 yrs left)· nominal 20-yr term from priority
G06Q 30/01G06Q 30/00G06F 21/6218H04L 63/105H04L 63/20G06Q 10/00G06F 16/00H04L 63/10H04L 63/101H04L 63/107G06F 15/16G06F 17/30
80
PatentIndex Score
9
Cited by
40
References
19
Claims
Abstract
Access to customer relationship management (CRM) secured field instances is enabled based on field settings. A requester's identity determines action paths to be executed in order to enable access to fields. A client application's user privileges are inherited to enable access to secured fields. Such access through a granted privilege is provided through an API intermediating inheritance of user's privileges from client application.
Claims
exact text as granted — not AI-modifiedWhat is claimed is:
1. A method executed by a computing device enabling access to customer relationship management (CRM) secured field instances, the method comprising:
determining a profile of a user requesting access to a CRM secured field instance at a processor of the computing device;
determining a global access privilege of the user to access the CRM secured field instance based on the profile at the processor of the computing device;
storing, at a data store through the processor, one or more Principle Object Attribute Access (POAA) entities having a plurality of fields including: a security principal of one of: the user and a team, a shared access including one of: a read access and an update access, and the CRM secured field instance including: a target identifier, an instance type, and an attribute identifier;
retrieving a client application privilege of the user from the data store through the one or more POAA entities to retrieve the CRM field instance with a secured status upon determining the user not having a global read access at the processor of the computing device;
determining an action path to enable access to the CRM secured field based on a setting of the CRM secured field instance at the processor of the computing device; and
enabling the user to access the CRM secured field instance through a communication module of the computing device by executing the action path at the processor of the computing device.
2. The method of claim 1 , further comprising:
providing the user at least one from the set of: granting access, modifying access, and revoking access associated with the CRM secured field instance through the communication module of the computing device.
3. The method of claim 1 , wherein the CRM field instance setting is one of a secured and unsecured status.
4. The method of claim 1 , wherein the action path groups a plurality of CRM field instances.
5. The method of claim 1 , wherein the action path groups a plurality of user profiles.
6. The method of claim 1 , wherein determining the action path is based on at least one from the set of: a system resource utilization, a timed duration, and a usage limit.
7. The method of claim 1 , wherein the action path adds a select query to a select list to retrieve the CRM field instance with an unsecured status.
8. The method of claim 1 , wherein the action path adds a select query to a select list to retrieve the field instance with a secured status upon determining the user having a global read access.
9. The method of claim 1 , wherein the action path inherits the client application privilege of the user and adds a select query with a join condition on a POAA table to a select list in order to retrieve the field instance with a secured status.
10. A customer relationship management (CRM) application server enabling access to CRM field instances, the server comprising:
a memory;
a processor coupled to the memory, the processor executing an application in conjunction with instructions stored in the memory, wherein the application is configured to:
determine a profile of a user requesting access to a CRM field instance having one of a secured and unsecured status setting;
determine a global update access privilege of the user to update the field instance based on the profile;
in response to the user not having the global update access privilege, throw an exception to initiate a process including one of:
deny an update to the field instance, and
grant a limited update access including at least one of a read and a write access to the field instance;
retrieve a client application privilege of the user from a data store through one or more Principle Object Attribute Access (POAA) entity instances to retrieve the CRM field instance with a secured status upon determining the user not having a global read access;
grant one or more shared user privileges depending on POAA entity instance needs;
determine an action path to enable updating the field instance based on a setting of the CRM field instance; and
enable the user to update the field instance by executing the action path.
11. The server of claim 10 , wherein the action path includes one of a write and delete action.
12. The server of claim 10 , wherein the action path includes issuing an exception.
13. The server of claim 10 , wherein the exception is used to grant a limited write access to the CRM field instance with an unsecured status.
14. The server of claim 10 , wherein the action path includes allowing the user to update the secured field instance upon determining the user having the global update access.
15. The server of claim 14 , wherein the application is further configured to determine the shared update access upon determining the user having no global access.
16. The server of claim 15 , wherein the action path inherits the client application privilege of the user and adds a select query with a join condition on a POAA table to a select list in order to retrieve the field instance with a secured status.
17. A computing device for enabling access to customer relationship management (CRM) field instances, the computing device comprising:
a memory for storing instructions; and
a processor configured to perform a method in conjunction with the instructions, the method comprising:
determining a profile of a user requesting access to a CRM field instance having one of a secured and unsecured status setting;
determining a global access privilege of the user to access the CRM field instance based on the profile;
storing one or more Principle Object Attribute Access (POAA) entity instances having a plurality of fields including: a security principal of one of: the user and a team, a shared access including one of: a read access and an update access, and the CRM field instance including: a target identifier, an instance type, and an attribute identifier;
retrieving a client application privilege of the user from a data store through the one or more POAA entity instances to retrieve the CRM field instance with a secured status upon determining the user not having a global read access;
granting one or more shared user privileges depending on POAA entity instance needs;
determining an action path to one of grant, modify, and revoke access to the field instance based on a setting of the CRM field instance; and
enabling the user to access the field instance by executing the action path.
18. The computing device of claim 17 , wherein the method further comprises:
employing a create Application Programming Interface (API) for granting access to the secured field instance;
employing an update API to modify access to the secured field instance; and
employing a delete API to revoke access from the secured field instance.
19. The computing device of claim 17 , wherein the user is a trusted client application.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.